ISA Server 2006 Web Reverse Proxy – challenges

I’ve been having a difficult time trying to set up my virtual machines to be accessible from the interweb. Although I have 5 IP addresses, I’d like to set up my sites as, etc rather than,

I looked at Microsoft TMG (Threat Management Gateway) and balked at the complexity, as I remembered ISA Server being quite simple (wrong…). After an abortive attempt with ISA, I tried Squid, but although I could get the and I couldn’t get paths working

Today, I went back to ISA. I set up the site and rules fine, but kept getting an authetication error “isa server is configured to block http requests that require authentication”. It turns out the problem is that I don’t have a security certificate assigned. After some hunting, there is a Microsoft KB to fix it at

I still couldn’t get to my sites from the LAN (192.168.x.x) though; in this case, I had assigned as the internal network range. However, this doesn’t define a default route for internal-internal, only internal-external. Simply selecting both the external and internal adaptors as valid adapters for the internal network fixed this.

Finally, I couldn’t get to my site from the outside world (tested on my iPad over 3G). It turns out that my BT external IP addresses were not showing up on the device list on the BT HGV2700 hub, so there was no external route to them. I had to enable DHCP on my external adaptor, and then assign the external IP to the device on the BT router.


0 Responses to “ISA Server 2006 Web Reverse Proxy – challenges”

  1. Leave a Comment

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s

jzedward’s tweets


%d bloggers like this: